[Snort-users] Signature for Snort 1.8.x
andreaso at ...236...
Mon May 13 10:28:02 EDT 2002
On Mon, 13 May 2002, Bastian Ballmann wrote:
> I upgrade the signatures automatically by oinkmaster and now I recognize that
> the rulesets http://www.snort.org/dl/signatures/snortrules.tar.gz is not
> compatible to Snort 1.8.x as it is told on the webside!
Yes they are.
> I also get the error unkown keyword "flow" in many rules and in bad-traffic I
> get the error protocol >134 is unkown.
> Could you please tell me whats going wrong here??
Those rules are commented out by default, and *for a reason*, obviously.
Use -p when running Oinkmaster to preserve the comments (which I
really regret I didn't do as the default behaviour...).
More information about the Snort-users